-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml
161 lines (125 loc) · 4.81 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
version: '3.8'
services:
# ========================================== #
# Nginx-proxy #
# ========================================== #
nginx-proxy:
image: jwilder/nginx-proxy
container_name: nginx_proxy_ghost
volumes:
# Read-only SSL certs
- certs:/etc/nginx/certs:ro
# Nginx virtual hosts and HTML dirs
# These are used by SSL proxy companion to write challenge files
- nginx_vhosts:/etc/nginx/vhost.d
- nginx_html:/usr/share/nginx/html
# Docker socket, required for discovering running containers
- /var/run/docker.sock:/tmp/docker.sock:ro
ports:
- 80:80
- 443:443
networks:
- ghost
labels:
com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: ""
restart: always
# ========================================== #
# Letsencrypt #
# ========================================== #
# From jwilder's nginx-proxy companion
# This generates SSL certs when a new container with the VIRTUAL_HOST label is discovered.
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: nginx_proxy_letsencrypt
volumes:
- certs:/etc/nginx/certs
# Nginx virtual hosts configs
- nginx_vhosts:/etc/nginx/vhost.d
# Nginx HTML dir
- nginx_html:/usr/share/nginx/html
# Docker socket, required for container discovery
- /var/run/docker.sock:/var/run/docker.sock:ro
restart: unless-stopped
depends_on:
- nginx-proxy
networks:
ghost:
# ========================================== #
# Ghost #
# ========================================== #
ghost:
image: ghost:${GHOST_DOCKER_VERSION}
container_name: ghost_blog
hostname: ghost-blog
expose:
- 2368:2368
volumes:
- ./data/ghost/content:/var/lib/ghost/content:z
restart: always
depends_on:
- db
environment:
NODE_ENV: ${NODE_ENV}
url: "${PROTOCOL}://${APP_DOMAIN}:${GHOST_PORT}" # used by Ghost for site config
VIRTUAL_HOST: "${APP_DOMAIN},www.${APP_DOMAIN}" # used by nginx-proxy
VIRTUAL_PORT: ${GHOST_PORT}
# Enabling these environment variables will cause the letsencrypt companion to notice the container
# and try to generate SSL certs
LETSENCRYPT_HOST: "${APP_DOMAIN},www.${APP_DOMAIN}"
LETSENCRYPT_EMAIL: ${LETSENCRYPT_EMAIL}
LETSENCRYPT_TEST: ${LETSENCRYPT_IS_TEST_DOMAIN} # prevents trying to generate certs for development sites
DEBUG: ${LETSENCRYPT_DEBUG} # enable debug logging of the SSL scripts
# Database settings
database__client: mysql
database__connection__host: db # this points to the db service container
database__connection__user: ${MYSQL_USER}
database__connection__password: ${MYSQL_PASSWORD}
database__connection__database: ${MYSQL_DATABASE}
# Backblaze env settings
storage__ghost-storage-back-blaze__keyId: ${BACKBLAZE_KEY_ID}
storage__ghost-storage-back-blaze__secretKey: ${BACKBLAZE_SECRET}
# R2 env settings
GHOST_STORAGE_ADAPTER_R2_ENDPOINT: ${GHOST_STORAGE_ADAPTER_R2_ENDPOINT}
GHOST_STORAGE_ADAPTER_R2_ACCESS_KEY_ID: ${GHOST_STORAGE_ADAPTER_R2_ACCESS_KEY_ID}
GHOST_STORAGE_ADAPTER_R2_SECRET_ACCESS_KEY: ${GHOST_STORAGE_ADAPTER_R2_SECRET_ACCESS_KEY}
GHOST_STORAGE_ADAPTER_R2_BUCKET: ${GHOST_STORAGE_ADAPTER_R2_BUCKET}
GHOST_STORAGE_ADAPTER_R2_DOMAIN: ${GHOST_STORAGE_ADAPTER_R2_DOMAIN}
# S3-compatible storage backend
# eg: 'ghost-storage-back-blaze' or 'ghost-cloudflare-r2'
storage__active: ${STORAGE_BACKEND}
storage__media__adapter: ${STORAGE_BACKEND}
storage__files__adapter: ${STORAGE_BACKEND}
storage__media__storage_type_media: true
storage__files__storage_type_files: true
networks:
- ghost
# ========================================== #
# MySQL #
# ========================================== #
db:
container_name: ghost_db
image: mysql:${MYSQL_DOCKER_VERSION:-latest}
restart: always
volumes:
- ghost_data:/var/lib/mysql
ports:
- ${MYSQL_PORT:-3306}:3306
environment:
MYSQL_ROOT_PASSWORD: "${MYSQL_ROOT_PASSWORD}"
MYSQL_DATABASE: "${MYSQL_DATABASE}"
MYSQL_USER: "${MYSQL_USER}"
MYSQL_PASSWORD: "${MYSQL_PASSWORD}"
networks:
- ghost
# ========================================== #
# Docker volumes & networks #
# ========================================== #
volumes:
ghost_data: # MySQL data
certs: # Letsencrypt certs
# Nginx vhosts and HTML directories -- used by letsencrypt for challenge files
nginx_vhosts:
nginx_html:
networks:
ghost:
name: ghost_nginx_network